<?php
session_start();
// establish connection to the database
@mysql_connect("localhost", "root", "") or die(mysql_error());
    mysql_select_db("mydb") or die(mysql_error());
//include ('functions.php');

 $member_id = $_SESSION['member_id'];
 // get the conference id sent from the previous page
 $confid = intval($_GET['conference_id']);
				$get_name = mysql_query("Select long_name From Conference Where conference_id = '$confid'")or die(mysql_error());
				$Get_name = mysql_fetch_assoc($get_name);
				echo "<h1>{$Get_name['long_name']}</h1>";

print "<h2>Invite Reviewers</h2><br>
<a href='InviteReviewers.php?conference_id={$confid}'>Invite Non-Users</a>";
function sendRequest($requestUserID,$request_text,$confid)
   {
    // checks that the current user id is passed in the session
    if (isset($_SESSION['member_id'])) {
    // saves its value in $member_id
    $member_id = $_SESSION['member_id'];
     // save the array of members' names, emails and roles returned from the check boxes in the value $members
    $members = $_POST['Members'];
    // loop on the members' array
    for ($i=0; $i<count($_POST['Members']); $i++){
    // saves the id of each recepient user
    $requestUserID = $members[$i];
    // (reviewer) request type >>> R
    $R = 'R';

    // return the list of users who have been invited to review in this conference before
    $occurence_check =  mysql_query("SELECT member_id2,conference_id,type FROM member_request_member WHERE member_id2='$requestUserID'
            AND conference_id ='$confid' AND type= '$R'")
            or die(mysql_error());
    // if the query did not returne any results ..
    if (!mysql_num_rows($occurence_check)){
    // insert the request text in the request table
    $get_last_id = mysql_query ("INSERT INTO request(request) VALUES ('$request_text')") or die ('can not insert request'.mysql_error());
    if ($get_last_id) {
    //get the last request_id incremented in the request table
    $last_id = mysql_insert_id();
    }

    // insert the user's deatils in the member_request_member and setting the Approve field to null
    mysql_query ("INSERT INTO member_Request_member(member_id1,member_id2,conference_id,request_id,type)
     VALUES('$member_id','$requestUserID','$confid','$last_id','$R')")
            or die(mysql_error());
    // if the query excutes correctly, alert the organizer that the requests are send
      echo  '<script>',
             'alert("Your request(s) has been successfully sent!");',
             '</script>';
     }
     else {

    // incase this user has been already invited before, this alert message is displayed
          echo  '<script>',
             'alert("This user has already been invited to review in this conference before");',
             '</script>';
     }
     }
    }
     // this message is displayed when the member_id is not obtained from the session
     else {  echo  '<script>',
             'alert("This action can not be performed!");',
             '</script>';
         }
 }

 // if the send button is clicked
 if (isset($_POST['Send'])) {
     // if there's areturn value from the check boc is
    if (isset($_POST['Members'])) {
     // get the conference name
        $get_conference_name= mysql_query("SELECT long_name from Conference where conference_id ='$confid'") or die(mysql_error());
        $row = mysql_fetch_assoc($get_conference_name);
        // save the query result in the $conference name variable
        $conference_name = $row['long_name'];
        // the request text that should be viewed to the user when he view his request, it should be inserted in the request attribute in the request table
        $request_text = 'ConfO would like to request your reviewing services in the '."$conference_name".' conference.
        You can review the conference details in the conference page.';
        // call the send request function on the members array, request text, and conference_id
        sendRequest($_POST['Members'], $request_text, $confid);

    } else {
        // is displayed when no check boxes are selected
         echo  '<script>',
             'alert("You have to select atleast one member!");',
             '</script>';
         }
}

retrieveMembers($member_id,$confid);
function retrieveMembers($member_id) {

$result = mysql_query("Select distinct m.member_id, first_name, last_name, email FROM member m INNER JOIN
        member_privileges ON (m.member_id = member_privileges.member_id )
        Where m.member_id != '$member_id' AND m.activated !='0'
     OR  m.member_id NOT IN (Select distinct m.member_id FROM member_privileges,member m where m.member_id = member_privileges.member_id)")
    or die(mysql_error());// returns al members who are not reviewers in the current conference

// check if the query returned output or not
    if (!mysql_num_rows($result)) {
          echo  '<script>',
             'alert("There are currently no members to invite!");',
             '</script>';

    } else {
        // print the headings of the table columns
            print "<table width=500 border=1>\n";
    print "<tr>\n";
    print "<th>&nbsp; </th>\n";
    print "<th><width=\"0%\" height=\"0\" style=\"display:none\" value=\"Member ID\"</th>\n";
    print "<th> First Name </th>\n";
    print "<th> Last Name </th>\n";
    print "<th> e-mail </th>\n";
    print "</tr>\n";

        while ($row = mysql_fetch_assoc($result)) {
?>
                        <form method="post" action="">

                <?php
                //print each member's informtion
                print "<tr>\n";
                print "<td><input type=\"checkbox\" name=\"Members[]\" value=\"{$row['member_id']}\"></td>\n";
                echo "<td><width=\"0%\" height=\"0\" style=\"display:none\" value=\"\"</td>\n";
                // print names
                echo "<td>{$row['first_name']}</td>\n";
                echo "<td>{$row['last_name']}</td>\n";
                // print emails
                echo "<td>{$row['email']}</td>\n";
                echo "</tr>\n";
                ?>
                    <?
        }
        ?>
    <? // The button that sends the invitations?>
    <tr><td><input type="submit" name="Send" value="Invite Reviewers"></td></tr>
    <br>
    <?
        print "</table>\n";
    }
}
   ?>
<html>
<head>
    <meta http-equiv="X-UA-Compatible" content="IE=9" />
    <link href="style3.css" rel="stylesheet" type="text/css" />
<title>Invite Reviewers</title>
</head>

    </form>

    </html>